1. Field of the Invention
The present invention relates to a method of reliably accessing data on a directory server in a network.
2. Description of the Related Art
Electronic mail systems are becoming more and more popular as means for realizing smooth communications within an enterprise and between enterprises by transmitting and receiving documents created on information processing apparatus such as personal computers (PC), workstations (WS) and so on through a network such as LAN (Local Area Network).
A current electronic mail system uses a unique identifier referred to as a xe2x80x9cmail addressxe2x80x9d as the mail destination for each user. A user is assumed to know the mail address of a recipient before transmitting a mail, so that when the user sends a mail to a certain person for the first time, the user should inquire the person for his or her mail address beforehand by an appropriate means such as a telephone, thus involving an extra effort.
As a means for solving the problem mentioned above, a directory service has been provided as represented by X.500 (ISO9594) which is a recommendation of CCITT, or the like. The directory service may be utilized as an electronic address book in an electronic mail system.
A directory service conforming to X.500 has a data model which is hierarchically managed as a tree structure (directory tree). A directory entry is located at a position corresponding to a leaf of the tree. Each entry is uniquely identified by a name including hierarchical information (DN: Distinguished Name), and can store, in addition to a mail address of a user, various information such as full name, telephone number, FAX number, picture and so on of the user as attributes.
In addition, X.500 employs a client-server type distributed system architecture, and defines DAP (Directory Access Protocol) which complies with a seven-layer structure of OSI (Open Systems Interconnection) as a communication protocol between information processing units serving as clients and a server.
On the other hand, the IETF (Internet Engineering Task Force), which is a standardization organization in the Internet, has standardized xe2x80x9cLDAP: Lightweight Directory Access Protocol (RFC1777)xe2x80x9d as a protocol between clients and a server on TCP/IP. This protocol is also described in xe2x80x9cLightweight Directory Access Protocol (V3)xe2x80x9d, M. Wahl et al. RFC2251, December 1997. The user may access a directory server of X.500 from an application program (hereinafter abbreviated as xe2x80x9cAPxe2x80x9d) on a client through a network such as LAN, in accordance with LDAP, for searching for desired information such as the mail address of a user or the like.
FIG. 15 shows a part of an LDAP access request defined as RFC1777, which is described using ASN.1 (Abstract Syntax Notation One) defined as ISO8824.
Referring specifically to FIG. 15, Search 24 is a request for searching directory entries; Add 25 is a request for adding an entry; Delete 26 is a request for deleting an entry; and Modify 27 is a request for changing an attribute value in an entry. Other than the requests shown in FIG. 15, various access requests have been defined by RFC1777 as protocol elements, including Bind for starting a connection, Unbind for closing a connection, ModifyRDN for changing the name of an entry, Compare for comparing a certain attribute value between entries, and so on.
The directory server receives the access requests shown in FIG. 15, issued by a client, and access a database (hereinafter abbreviated as DB) which stores information on each directory entry. When an access request involves a search operation such as Search 24 or the like, the directory server searches the DB for an entry or entries meeting specified conditions, extracts the entry or entries from the DB, and returns the extracted entry or entries to the client. On the other hand, when an access request involves a modify operation such as Add 25, Delete 26, Modify 27 or the like, the directory server modifies associated directory information on the DB and returns the result to the client.
According to the conventional directory access method mentioned above, when the directory server receives a modify request, the directory server modifies associated directory information on the DB and simultaneously validates the modified information, so that the following problems arise.
For example, assume that the processing is suddenly interrupted due to power interruption, user""s erroneous manipulations, or erroneous operations of the information processing unit itself or a program, while an AP is successively updating a plurality of directory information items. Within a sequence of directory information items in course of the modification, only those which have reached the directory server are reflected to the DB.
A similar problem may also arise by an interruption of a work by the user. Specifically, when a sequence of meaningful processing is interrupted, the directory information looses the consistency, and it is difficult to eliminate the inconsistency once introduced into the DB. In addition, the conventional method only has a poor exclusive control capability.
It is therefore an object of the present invention to provide a directory access method which is capable of guaranteeing the consistency of directory information even if an inadvertent interruption due to a fault in a system or the like, an intended interruption made by a user or an AP, or the like occurs during the execution of a sequence of directory operations, or during simultaneous accesses from a plurality of APs.
To achieve the above object, the directory access method according to the present invention collectively processes a sequence of meaningful access requests as a logical work unit (transaction). According to a directory service implementing the directory access method of the present invention, a client issues an access request to a directory server either in a non-transaction phase or in a transaction phase. In the non-transaction phase, issued access requests are individually reflected to a database as before. The non-transaction phase thus provides the compatibility with conventional systems. In the transaction phase, on the other hand, a sequence of issued access requests are collectively reflected to the database as a single transaction. The client can bidirectionally transit between both the phases in accordance with the contents of processing. When the client transits to the transaction phase and issues a sequence of access requests, the consistency is guaranteed for a plurality of directory information items to be processed by the access requests.
To implement the directory access method according to the present invention, a directory server comprises a database for storing directory information; a non-transaction unit for processing individual access requests as different transactions; a transaction processing unit for processing a sequence of access requests as a single transaction; a phase management table for storing a processing phase for each connection with a client; and a phase management unit for passing a received access request to the non-transaction processing unit or to the transaction processing unit based on a stored processing phase.
In addition, the client is provided with a request for the directory server for defining transaction processing.